Hello
I'm trying to set up an ldap server with sasl authentication.
I'm using this on potato with mit kerberos, so i've recompiled
cyrus-sasl with the mit kerberos stuff, and then compiled
openldap after that. that appears to work and i can add
entries with simple auth, and i can search with sasl/gssapi
auth. the problem is i can't put in something like this:
rootdn "[EMAIL PROTECTED]"
and add entries with that dn. i get this:
node0:/home/awettste/MigrationTools-27# ldapadd -h node0 -D '[EMAIL PROTECTED]'
-f entry.ldif
SASL/GSSAPI authentication started
SASL SSF: 56
SASL installing layers
adding new entry "uid=awettstein,ou=People,dc=node0,dc=cait,dc=org"
ldap_add: Insufficient access
additional info: no write access to parent
ldif_record() = 50
what am i missing? from the documentation it looks like that should be
sufficient.
thanks
andy
